Joe Testa
28a1e23986
Added warnings to all key exchanges that do not provide protection against quantum attacks.
2024-11-25 15:56:51 -05:00
Joe Testa
93b30b4258
Removed version-based CVE information. ( #240 )
2024-09-26 13:15:58 -04:00
Joe Testa
8190fe59d0
Added implementation for DHEat denial-of-service attack (CVE-2002-20001). ( #211 , #217 )
2024-04-18 13:58:13 -04:00
Joe Testa
d7f8bf3e6d
Updated notes on OpenSSH default key exchanges. ( #258 )
2024-03-19 18:24:22 -04:00
Joe Testa
3d403b1d70
Updated availability of algorithms in Dropbear. ( #257 )
2024-03-19 15:47:09 -04:00
Joe Testa
7b3402b207
Added note that sntrup761x25519-sha512@openssh.com is the default OpenSSH kex since version 9.0.
2024-03-15 17:24:21 -04:00
Joe Testa
75dbc03a77
Added 'additional_notes' field to JSON output.
2023-12-19 18:03:07 -05:00
Joe Testa
c259a83782
Added note that when a target is properly configured against the Terrapin vulnerability that unpatched peers may still create vulnerable connections. Updated Ubuntu Server & Client 20.04 & 22.04 policies to include new key exchange markers related to Terrapin counter-measures.
2023-12-19 14:03:28 -05:00
Joe Testa
f8e29674a3
Refined JSON notes output. Fixed Docker & Tox tests.
2023-09-05 16:36:54 -04:00
Joe Testa
199e75f6cd
Refined GEX testing against OpenSSH servers: when the fallback mechanism is suspected of being triggered, perform an additional test to obtain more accurate results.
2023-09-03 16:13:00 -04:00
Joe Testa
263267c5ad
Added support for mixed host key/CA key types (i.e.: RSA host keys signed by ED25519 CAs) ( #120 ).
2023-04-25 09:17:32 -04:00
Joe Testa
4f31304b66
Alphabetized algorithm database.
2023-03-28 12:09:25 -04:00
Joe Testa
dc083de87e
Added recommendations and CVE information to JSON output ( #122 ).
2023-03-24 18:48:36 -04:00
tomatohater1337
1f0b3acff2
Complete "target" in the JSON output with the port ( #123 )
...
* Complete "target" in JSON output with the port
The JSON output was not showing the port of the target which was scanned. This could be problematic when scanning a host with more than one ssh service running.
* Docker tests completet with the port of the scan target in the JSON output
2021-10-13 23:44:55 -04:00
Joe Testa
07862489c4
Added MD5 fingerprint hashes to verbose output.
2021-05-20 18:03:24 -04:00
Joe Testa
13d15baa2a
Added multi-threaded scanning support.
2021-02-01 13:10:06 -05:00
Joe Testa
0263769243
Added JSON output tests to docker testing suite.
2019-11-08 18:40:32 -05:00